Layer Defenses to Contain Attacks: Design defenses so that initial incursions, particularly in Internet-facing systems such as web servers or user endpoints, can be detected when they first occur. Have additional layers of protection around the databases, file servers, and security infrastructures the attackers are really targeting. Use an Active Defense to Catch and Repel Attacks: The final critical component is the presence of an active defense. This component involves real people who monitor IT systems and respond to intrusions when they occur. This incident response team diagnoses the
...more
